- 14 Jul 2015, 2 commits

By Herbert Xu

Currently the task of freeing an instance is given to the crypto template. However, it has no type information on the instance so we have to resort to checking type information at runtime. This patch introduces a free function to crypto_type that will be used to free an instance. This can then be used to free an instance in a type-safe manner.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

By Herbert Xu

The function __crypto_dequeue_request is completely unused.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

- 08 Jul 2015, 1 commit

By Vutla, Lokesh

The AEAD speed tests don't do a wait_for_completion if the return value is EINPROGRESS or EBUSY. Fixing it here. Also add a test case for gcm(aes).

Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

- 07 Jul 2015, 2 commits

By LABBE Corentin

All tests for cbc(aes) use only blocks of data with a multiple of 4. This test adds a test with some odd SG size.

Signed-off-by: LABBE Corentin <clabbe.montjoie@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

By Herbert Xu

The AEAD version of cryptd uses the same context for its own state as well as that of the child. In doing so it did not maintain the proper ordering, thus resulting in potential state corruption where the child will overwrite the state stored by cryptd. This patch fixes this and also sets the request size properly.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

- 25 Jun 2015, 6 commits

By Alexander Kuleshov

There are two generated files: crypto/rsakey-asn1.c and crypto/rsakey-asn1.h, after the cfc2bb32 commit. Let's add .gitignore to ignore *-asn1.[ch] files.

Signed-off-by: Alexander Kuleshov <kuleshovmail@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

By Guenter Roeck

arm64:allmodconfig fails to build as follows.

    In file included from include/acpi/platform/aclinux.h:74:0,
                     from include/acpi/platform/acenv.h:173,
                     from include/acpi/acpi.h:56,
                     from include/linux/acpi.h:37,
                     from ./arch/arm64/include/asm/dma-mapping.h:21,
                     from include/linux/dma-mapping.h:86,
                     from include/linux/skbuff.h:34,
                     from include/crypto/algapi.h:18,
                     from crypto/asymmetric_keys/rsa.c:16:
    include/linux/ctype.h:15:12: error: expected ‘;’, ‘,’ or ‘)’ before numeric constant
     #define _X 0x40 /* hex digit */
                ^
    crypto/asymmetric_keys/rsa.c:123:47: note: in expansion of macro ‘_X’
     static int RSA_I2OSP(MPI x, size_t xLen, u8 **_X)
                                                   ^
    crypto/asymmetric_keys/rsa.c: In function ‘RSA_verify_signature’:
    crypto/asymmetric_keys/rsa.c:256:2: error: implicit declaration of function ‘RSA_I2OSP’

The problem is caused by an unrelated include file change, resulting in the inclusion of ctype.h on arm64. This in turn causes the local variable _X to conflict with macro _X used in ctype.h.

Fixes: b6197b93 ("arm64 : Introduce support for ACPI _CCA object")
Cc: Suthikulpanit, Suravee <Suravee.Suthikulpanit@amd.com>
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

By Tadeusz Struk

Don't print info about missing test for the internal helper __driver-gcm-aes-aesni.

Changes in v2:
- marked test as fips allowed

Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

By Markus Elfring

The kzfree() function tests whether its argument is NULL and then returns immediately. Thus the test around the call is not needed. This issue was detected by using the Coccinelle software.

Signed-off-by: Markus Elfring <elfring@users.sourceforge.net>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

By Tadeusz Struk

Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

By Stephan Mueller

The core of the Jitter RNG is intended to be compiled with -O0. To ensure that the Jitter RNG can be compiled on all architectures, separate out the RNG core into a stand-alone C file that can be compiled with -O0 and which does not depend on any kernel include file. As no kernel includes can be used in the C file implementing the core RNG, any dependencies on kernel code must be extracted. A second file provides the link to the kernel and the kernel crypto API that can be compiled with the regular compile options of the kernel.

Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

- 22 Jun 2015, 9 commits

By Herbert Xu

As the AEAD conversion is still ongoing, we do not yet wish to export legacy AEAD implementations to user-space, as their calling convention will change. This patch actually disables all AEAD algorithms because some of them (e.g., cryptd) will need to be modified to propagate this flag. Subsequent patches will reenable them on an individual basis.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

By Herbert Xu

The bit CRYPTO_ALG_INTERNAL was added to stop af_alg from accessing internal algorithms. However, af_alg itself was never modified to actually stop that bit from being used by the user. Therefore the user could always override it by specifying the relevant bit in the type and/or mask. This patch silently discards the bit in both type and mask.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
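The override described in this commit is easiest to see in the flag arithmetic. The model below is an added example, not kernel code and not part of the commit: it keeps the crypto API's lookup rule, `((cra_flags ^ type) & mask) == 0`, and the API's default of adding CRYPTO_ALG_INTERNAL to the mask only when the caller mentions the bit in neither type nor mask. The flag values, the two-entry algorithm table, the driver names and the `crypto_alloc`/`af_alg_bind` helpers are assumptions constructed for the illustration; `fixed=False` reproduces the pre-fix bind(2) path where `salg_feat`/`salg_mask` reach the lookup untouched.

```python
"""Model of the kernel crypto API's type/mask matching and the af_alg fix.

Added example, not code from the kernel or from the commit above.  The
matching rule and the INTERNAL-by-default mask handling follow the
crypto API; the flag values, the algorithm table and the helpers are
constructed assumptions for this illustration.
"""

# Assumed flag values (the kernel defines its own).
CRYPTO_ALG_TYPE_MASK = 0x0000000f
CRYPTO_ALG_TYPE_ABLKCIPHER = 0x00000005
CRYPTO_ALG_TESTED = 0x00000400
CRYPTO_ALG_INTERNAL = 0x00002000

# Constructed algorithm table: driver name -> cra_flags.  The second entry
# is an internal helper that only another in-kernel driver should wrap.
ALGS = {
    "cbc(aes)": CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_TESTED,
    "__driver-cbc-aes-aesni": (CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_TESTED
                               | CRYPTO_ALG_INTERNAL),
}


def alg_matches(cra_flags, type_, mask):
    """Lookup rule: every bit selected by mask must agree between the
    algorithm's flags and the requested type."""
    return ((cra_flags ^ type_) & mask) == 0


def crypto_alloc(name, type_, mask):
    """In-kernel allocation path.  If the caller mentions INTERNAL in
    neither type nor mask, INTERNAL is added to mask (with the bit clear
    in type), so algorithms flagged INTERNAL cannot match."""
    if not ((type_ | mask) & CRYPTO_ALG_INTERNAL):
        mask |= CRYPTO_ALG_INTERNAL
    flags = ALGS.get(name)
    if flags is None or not alg_matches(flags, type_, mask):
        return None
    return name


def af_alg_bind(name, salg_feat, salg_mask, fixed=True):
    """bind(2) on an AF_ALG socket: salg_feat/salg_mask come straight from
    userspace.  fixed=False is the pre-fix behaviour; fixed=True silently
    discards the INTERNAL bit from both, as the commit does."""
    forbidden = CRYPTO_ALG_INTERNAL if fixed else 0
    return crypto_alloc(name, salg_feat & ~forbidden, salg_mask & ~forbidden)


if __name__ == "__main__":
    helper = "__driver-cbc-aes-aesni"
    print("default bind, old code :", af_alg_bind(helper, 0, 0, fixed=False))
    print("INTERNAL in type, old  :", af_alg_bind(helper, CRYPTO_ALG_INTERNAL,
                                                  CRYPTO_ALG_INTERNAL, fixed=False))
    print("INTERNAL in type, fixed:", af_alg_bind(helper, CRYPTO_ALG_INTERNAL,
                                                  CRYPTO_ALG_INTERNAL, fixed=True))
```

Setting the bit in `type` alone is enough for the bypass: once `type | mask` carries INTERNAL the default mask is not applied, and the XOR with the helper's own INTERNAL flag cancels out. Clearing the bit from both user-controlled words before the lookup restores the default, while a public algorithm such as cbc(aes) still binds whether or not the user set it.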

By Herbert Xu

This patch changes the RNG allocation so that we only hold a reference to the RNG during initialisation.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

By Herbert Xu

When seqiv is used in compatibility mode, this patch allows it to function even when an RNG is not available. It also changes the RNG allocation for the new explicit seqiv interface so that we only hold a reference to the RNG during initialisation.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

By Herbert Xu

The RNG may not be available during early boot, e.g., the relevant modules may not be included in the initramfs. As the RNG is only needed for IPsec, we should not let this prevent use of ciphers without IV generators, e.g., for disk encryption. This patch postpones the RNG allocation to the init function so that one failure during early boot does not make the RNG unavailable for all subsequent users of the same cipher. More importantly, it lets the cipher live even if RNG allocation fails. Of course we no longer offer IV generation, which will fail with an error if invoked. But all other cipher capabilities will function as usual.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

By Herbert Xu

The RNG may not be available during early boot, e.g., the relevant modules may not be included in the initramfs. As the RNG is only needed for IPsec, we should not let this prevent use of ciphers without IV generators, e.g., for disk encryption. This patch postpones the RNG allocation to the init function so that one failure during early boot does not make the RNG unavailable for all subsequent users of the same cipher. More importantly, it lets the cipher live even if RNG allocation fails. Of course we no longer offer IV generation, which will fail with an error if invoked. But all other cipher capabilities will function as usual.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

By Herbert Xu

This patch adds a new crypto_user command that allows the admin to delete the crypto system RNG. Note that this can only be done if the RNG is currently not in use. The next time it is used a new system RNG will be allocated.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

By Herbert Xu

Currently we free the default RNG when its use count hits zero. This was OK when the IV generators would latch onto the RNG at instance creation time and keep it until the instance is torn down. Now that IV generators only keep the RNG reference during init time this scheme causes the default RNG to come and go at a high frequency. This is highly undesirable as we want to keep a single RNG in use unless the admin wants it to be removed. This patch changes the scheme so that the system RNG once allocated is never removed unless specifically requested.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

By Herbert Xu

Currently skcipher IV generators must provide givencrypt as that is the whole point. We are currently replacing skcipher IV generators with explicit IV generators. In order to maintain backwards compatibility, we need to allow the IV generators to still function as a normal skcipher when the RNG is not present (e.g., in the initramfs during boot). IOW everything but givencrypt and givdecrypt will still work but those two will fail. Therefore this patch assigns a default givencrypt that simply returns an error should it be NULL.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

- 21 Jun 2015, 1 commit

By Tadeusz Struk

Should be CRYPTO_AKCIPHER instead of AKCIPHER.

Reported-by: Andreas Ruprecht <andreas.ruprecht@fau.de>
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

- 18 Jun 2015, 2 commits

By Herbert Xu

The AEAD speed test SG list setup did not correctly mark the AD, potentially causing a crash.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

By Herbert Xu

This patch adds a speed test for rfc4309(ccm(aes)) as mode 212.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

- 17 Jun 2015, 10 commits

By Tadeusz Struk

New test vectors for RSA algorithm.

Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

By Tadeusz Struk

Add a new rsa generic SW implementation. This implements only cryptographic primitives.

Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>

Added select on ASN1.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

By Tadeusz Struk

Add Public Key Encryption API.

Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>

Made CRYPTO_AKCIPHER invisible like other type config options.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

By Martin Willi

The Poly1305 authenticator requires a unique key for each generated tag. This implies that we can't set the key per tfm, as multiple users set individual keys. Instead we pass a desc-specific key as the first two blocks of the message to authenticate in update().

Signed-off-by: Martin Willi <martin@strongswan.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
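The "key as the first two blocks of update()" convention is worth seeing end to end. The code below is an added example and is not the kernel's Poly1305 or any code from this commit: a per-request object collects the first 32 bytes of the stream as the one-time key (r, then s), absorbs the rest as message blocks, and emits the tag from final(). The class and function names are this example's own, and the key split across several update() calls is handled because userspace or a caller may hand the key over in pieces. The test vector is the one from RFC 7539, section 2.5.2.

```python
"""Poly1305 with the one-time key carried in the message stream.

Added example, not kernel code.  It mirrors the design in the commit
above: the caller feeds the 32-byte one-time key (r, then s) as the first
two 16-byte blocks of update(), and the tag comes out of final().  Names
are this example's own; the test vector is from RFC 7539, section 2.5.2.
"""

P1305 = (1 << 130) - 5
R_CLAMP = 0x0ffffffc0ffffffc0ffffffc0fffffff
BLOCK = 16


class Poly1305Desc:
    """Per-request state.  Nothing is keyed at tfm level: the key arrives
    through update() because every tag needs a fresh (r, s) pair."""

    def __init__(self):
        self.r = None      # clamped multiplier, set once 32 bytes are seen
        self.s = None      # additive one-time pad
        self.h = 0         # accumulator
        self.buf = b""     # unprocessed bytes

    def update(self, data):
        self.buf += data
        if self.r is None:
            if len(self.buf) < 2 * BLOCK:
                return self            # still waiting for the key blocks
            self.r = int.from_bytes(self.buf[:BLOCK], "little") & R_CLAMP
            self.s = int.from_bytes(self.buf[BLOCK:2 * BLOCK], "little")
            self.buf = self.buf[2 * BLOCK:]
        while len(self.buf) >= BLOCK:
            self._absorb(self.buf[:BLOCK])
            self.buf = self.buf[BLOCK:]
        return self

    def _absorb(self, blk):
        # Append the 0x01 pad byte (bit 128 for a full block, the bit just
        # past the data for a final partial block), then
        # h = (h + n) * r mod 2^130 - 5.
        n = int.from_bytes(blk + b"\x01", "little")
        self.h = ((self.h + n) * self.r) % P1305

    def final(self):
        if self.r is None:
            raise ValueError("fewer than 32 bytes fed: no one-time key")
        if self.buf:
            self._absorb(self.buf)
        tag = (self.h + self.s) % (1 << 128)
        return tag.to_bytes(BLOCK, "little")


def poly1305_mac(key, msg, chunk=None):
    """Convenience wrapper.  With chunk set, key||msg is fed in pieces of
    that size, showing that a key split across update() calls is fine."""
    d = Poly1305Desc()
    if chunk is None:
        d.update(key).update(msg)
    else:
        stream = key + msg
        for i in range(0, len(stream), chunk):
            d.update(stream[i:i + chunk])
    return d.final()


# RFC 7539 section 2.5.2 test vector.
RFC7539_KEY = bytes.fromhex(
    "85d6be7857556d337f4452fe42d506a80103808afb0db2fd4abff6af4149f51b")
RFC7539_MSG = b"Cryptographic Forum Research Group"
RFC7539_TAG = bytes.fromhex("a8061dc1305136c6c22b8baf0c0127a9")

if __name__ == "__main__":
    print(poly1305_mac(RFC7539_KEY, RFC7539_MSG).hex())
```

The per-request key is not a convenience but the security boundary: two tags computed under the same (r, s) leak enough to forge a third, which is why the commit refuses a tfm-level setkey and makes the caller supply a fresh key in the stream for every tag.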

By Herbert Xu

This patch adds rfc4106 test vectors sourced from draft-mcgrew-gcm-test-01.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

By Herbert Xu

This reverts commit 9b9f9296a7b73fbafe0a0a6f2494eaadd97f9f73 as all in-kernel implementations of GCM have been converted to the new AEAD interface, meaning that they should now pass the updated rfc4543 test.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

By Herbert Xu

This patch updates the rfc4543 test vectors to the new format where the IV is part of the AD. For now these vectors are still unused. They will be reactivated once all rfc4543 implementations have migrated.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

By Herbert Xu

This patch converts generic gcm and its associated transforms to the new AEAD interface. The biggest reward is in code reduction for rfc4543 where it used to do IV stitching, which is no longer needed as the IV is already part of the AD on input.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

By Herbert Xu

Because the old rfc4543 implementation always injected an IV into the AD, while the new one does not, we have to disable the test while it is converted over to the new AEAD interface.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

By Paul Gortmaker

This driver builds off of the tristate CONFIG_PKCS7_TEST_KEY and calls module_init and module_exit. So it should explicitly include module.h to avoid compile breakage during header shuffles done in the future.

Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: linux-crypto@vger.kernel.org
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>

- 11 Jun 2015, 2 commits

By Herbert Xu

The hash-based DRBG variants all use sha256 so we need to add a select on it.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

By Sergey Senozhatsky

Be more verbose and also report ->backend_cra_name when crypto_alloc_shash() or crypto_alloc_cipher() fail in drbg_init_hash_kernel() or drbg_init_sym_kernel() correspondingly.

Example:

    DRBG: could not allocate digest TFM handle: hmac(sha256)

Signed-off-by: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

- 10 Jun 2015, 2 commits

By Stephan Mueller

As required by SP800-90A, the DRBG implements a reseeding threshold. This threshold is at 2**48 (64 bit) and 2**32 (32 bit) as implemented in drbg_max_requests. With the recently introduced changes, the DRBG is now always used as a stdrng which is initialized very early in the boot cycle. To ensure that sufficient entropy is present, the Jitter RNG is added to even provide entropy at early boot time. However, the 2nd seed source, the nonblocking pool, is usually degraded at that time. Therefore, the DRBG is seeded with the Jitter RNG (which I believe contains good entropy, which however is questioned by others) and is seeded with a degraded nonblocking pool. This seed is now used for quasi the lifetime of the system (2**48 requests is a lot). The patch now changes the reseed threshold as follows: up until the time the DRBG obtains a seed from a fully initialized nonblocking pool, the reseeding threshold is lowered such that the DRBG is forced to reseed itself reasonably often. Once it obtains the seed from a fully initialized nonblocking pool, the reseed threshold is set to the value required by SP800-90A.

Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
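The reseed policy in this commit is a small state machine, and the failure mode it closes (one early-boot seed from a degraded pool reused for 2**48 requests) is easier to reason about when it is written out. The model below is an added example, not the kernel's DRBG code and not from this commit: the 2**48 limit is the SP800-90A value the message cites, while the interim threshold of 50 requests, the `NonblockingPool` stand-in (which hands out tagged SHA-256 output so the two regimes are distinguishable) and its readiness callback are assumptions of this example. Output generation is a plain SHA-256 chain, a placeholder for the real Hash/HMAC/CTR DRBG, so that only the reseed bookkeeping is exercised.

```python
"""Model of the DRBG reseed policy in the commit above.

Added example, not the kernel's DRBG.  The generate/reseed bookkeeping
is a simplified model over SHA-256 for illustration only: the 2**48
limit is the SP800-90A value the commit cites; the interim threshold of
50 requests, the NonblockingPool stand-in and its readiness callback are
assumptions of this example.
"""
import hashlib

SP800_90A_MAX_REQUESTS = 1 << 48   # 64-bit drbg_max_requests value
EARLY_BOOT_RESEED_THRESHOLD = 50   # assumed interim value


class NonblockingPool:
    """Constructed stand-in for the nonblocking pool: hands out 'degraded'
    bytes until mark_initialized(), then notifies registered callbacks."""

    def __init__(self):
        self.initialized = False
        self.calls = 0
        self.ready_callbacks = []

    def get_bytes(self, n):
        self.calls += 1
        label = b"initialized" if self.initialized else b"degraded"
        return hashlib.sha256(label + self.calls.to_bytes(8, "little")).digest()[:n]

    def add_ready_callback(self, cb):
        self.ready_callbacks.append(cb)

    def mark_initialized(self):
        self.initialized = True
        for cb in self.ready_callbacks:
            cb()


class Drbg:
    def __init__(self, pool):
        self.pool = pool
        self.reseed_ctr = 0
        self.reseeds = 0
        self.reseed_threshold = EARLY_BOOT_RESEED_THRESHOLD
        self.seeded_from_initialized_pool = False
        pool.add_ready_callback(self._pool_ready)
        self._seed()

    def _seed(self):
        # Mix fresh pool output into the state.  Only once the pool is
        # fully initialized is the threshold raised to the SP800-90A value.
        entropy = self.pool.get_bytes(32)
        self.state = hashlib.sha256(b"seed" + entropy).digest()
        self.reseed_ctr = 0
        self.reseeds += 1
        if self.pool.initialized:
            self.seeded_from_initialized_pool = True
            self.reseed_threshold = SP800_90A_MAX_REQUESTS

    def _pool_ready(self):
        # Readiness callback from the pool: force a reseed at the next request.
        self.reseed_ctr = self.reseed_threshold

    def generate(self, n):
        if self.reseed_ctr >= self.reseed_threshold:
            self._seed()
        self.reseed_ctr += 1
        out = b""
        while len(out) < n:
            self.state = hashlib.sha256(b"gen" + self.state).digest()
            out += self.state
        return out[:n]


def boot_sequence(requests_before_ready, requests_after_ready):
    """Drive one DRBG through early boot.  Returns (reseed count, current
    threshold, whether the seed came from an initialized pool)."""
    pool = NonblockingPool()
    drbg = Drbg(pool)
    for _ in range(requests_before_ready):
        drbg.generate(16)
    pool.mark_initialized()
    for _ in range(requests_after_ready):
        drbg.generate(16)
    return drbg.reseeds, drbg.reseed_threshold, drbg.seeded_from_initialized_pool


if __name__ == "__main__":
    print(boot_sequence(200, 0))      # degraded pool: reseeds every 50 requests
    print(boot_sequence(51, 1000))    # initialized pool: threshold jumps to 2**48
```

Before the pool is ready the DRBG reseeds every 50 requests, which bounds how long one degraded seed is in use; after the readiness callback the next request reseeds from the initialized pool and the threshold becomes 2**48, after which no further reseeds occur in the run.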

By Stephan Mueller

The get_blocking_random_bytes API is broken because the wait can be arbitrarily long (potentially forever) so there is no safe way of calling it from within the kernel. This patch replaces it with the new callback API which does not have this problem. The patch also removes the entropy buffer registered with the DRBG handle in favor of stack variables to hold the seed data.

Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

- 09 Jun 2015, 2 commits

By Stephan Mueller

Replace the global -O0 compiler flag from the Makefile with GCC pragmas to mark only the functions required to be compiled without optimizations. This patch also adds a comment describing the rationale for the functions chosen to be compiled without optimizations.

Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

By LABBE Corentin

Signed-off-by: LABBE Corentin <clabbe.montjoie@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

- 04 Jun 2015, 1 commit

By Herbert Xu

This patch removes krng so that DRBG can take its place.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>